[Secure-testing-commits] r53718 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Jul 20 18:59:44 UTC 2017 

Author: carnil
Date: 2017-07-20 18:59:44 +0000 (Thu, 20 Jul 2017)
New Revision: 53718

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-20 18:59:34 UTC (rev 53717)
+++ data/CVE/list	2017-07-20 18:59:44 UTC (rev 53718)
@@ -99,9 +99,9 @@
 CVE-2017-11441 (The WHM Upload Locale interface in cPanel before 56.0.51, 58.x before ...)
 	NOT-FOR-US: WHM Upload Locale interface in cPanel
 CVE-2017-11440 (In Sitecore 8.2, there is absolute path traversal via the ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2017-11439 (In Sitecore 8.2, there is reflected XSS in the ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2017-11438
 	RESERVED
 CVE-2017-11437
@@ -1928,7 +1928,7 @@
 CVE-2017-10802
 	RESERVED
 CVE-2017-10801 (phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO ...)
-	TODO: check
+	NOT-FOR-US: phpSocial
 CVE-2017-10800 (When GraphicsMagick 1.3.25 processes a MATLAB image in coders/mat.c, it ...)
 	- graphicsmagick 1.3.26-1 (bug #867060)
 	[stretch] - graphicsmagick <no-dsa> (Minor issue)
@@ -2228,7 +2228,7 @@
 CVE-2017-10677
 	RESERVED
 CVE-2017-10676 (On D-Link DIR-600M devices before C1_v3.05ENB01_beta_20170306, XSS was ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2017-10675
 	RESERVED
 CVE-2017-10674 (Antiy Antivirus Engine 5.0.0.06281654 allows local users to cause a ...)
@@ -4395,7 +4395,7 @@
 	NOTE: https://www.genivia.com/changelog.html#Version_2.8.48_upd_(06/21/2017)
 	NOTE: SuSE patch: https://bugzilla.suse.com/attachment.cgi?id=733005
 CVE-2017-9764 (Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2017-9780 (In Flatpak before 0.8.7, a third-party app repository could include ...)
 	{DSA-3895-1}
 	- flatpak 0.8.7-1 (bug #865413)
@@ -9543,7 +9543,7 @@
 CVE-2017-7979 (The cookie feature in the packet action API implementation in ...)
 	- linux <not-affected> (Only affects 4.11-rc1 onwards)
 CVE-2017-7977 (The Screensavercc component in eLux RP before 5.5.0 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: Screensavercc component in eLux RP
 CVE-2017-7976 (Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of ...)
 	{DSA-3855-1 DLA-942-1}
 	- jbig2dec 0.13-4.1 (bug #860787)
@@ -14889,7 +14889,7 @@
 	[jessie] - sane-backends <no-dsa> (Minor issue)
 	NOTE: Upstream patch: https://anonscm.debian.org/cgit/sane/sane-backends.git/commit/frontend/saned.c?id=42896939822b44f44ecd1b6d35afdfa4473ed35d
 CVE-2017-6316 (Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2017-6315
 	RESERVED
 CVE-2017-6335 (The QuantumTransferMode function in coders/tiff.c in GraphicsMagick ...)

More information about the Secure-testing-commits mailing list